Compare commits
3 Commits
master
...
nss-3_12_6
Author | SHA1 | Date | |
---|---|---|---|
|
c6b2155624 | ||
|
fbb4c50e05 | ||
|
5333c595c9 |
@ -1,4 +1,4 @@
|
|||||||
nss-3.12.5-stripped.tar.bz2
|
nss-3.12.6-stripped.tar.bz2
|
||||||
nss-pem-20091210.tar.bz2
|
nss-pem-20091210.tar.bz2
|
||||||
blank-cert8.db
|
blank-cert8.db
|
||||||
blank-key3.db
|
blank-key3.db
|
||||||
|
@ -1,23 +0,0 @@
|
|||||||
Index: mozilla/security/nss/lib/ssl/ssl3con.c
|
|
||||||
===================================================================
|
|
||||||
RCS file: /cvsroot/mozilla/security/nss/lib/ssl/ssl3con.c,v
|
|
||||||
retrieving revision 1.121
|
|
||||||
diff -u -p -r1.121 ssl3con.c
|
|
||||||
--- mozilla/security/nss/lib/ssl/ssl3con.c 12 Nov 2009 05:08:27 -0000 1.121
|
|
||||||
+++ mozilla/security/nss/lib/ssl/ssl3con.c 20 Nov 2009 19:36:30 -0000
|
|
||||||
@@ -4004,6 +4004,7 @@ ssl3_HandleHelloRequest(sslSocket *ss)
|
|
||||||
PORT_SetError(SSL_ERROR_RX_UNEXPECTED_HELLO_REQUEST);
|
|
||||||
return SECFailure;
|
|
||||||
}
|
|
||||||
+ /*
|
|
||||||
if (ss->opt.enableRenegotiation == SSL_RENEGOTIATE_NEVER) {
|
|
||||||
ssl_GetXmitBufLock(ss);
|
|
||||||
rv = SSL3_SendAlert(ss, alert_warning, no_renegotiation);
|
|
||||||
@@ -4011,6 +4012,7 @@ ssl3_HandleHelloRequest(sslSocket *ss)
|
|
||||||
PORT_SetError(SSL_ERROR_RENEGOTIATION_NOT_ALLOWED);
|
|
||||||
return SECFailure;
|
|
||||||
}
|
|
||||||
+ */
|
|
||||||
|
|
||||||
if (sid) {
|
|
||||||
ss->sec.uncache(sid);
|
|
17
540387.patch
17
540387.patch
@ -1,17 +0,0 @@
|
|||||||
diff --git a/mozilla/security/nss/lib/pk11wrap/pk11pars.c b/mozilla/security/nss/lib/pk11wrap/pk11pars.c
|
|
||||||
index c36cd25..5855084 100644
|
|
||||||
--- a/mozilla/security/nss/lib/pk11wrap/pk11pars.c
|
|
||||||
+++ b/mozilla/security/nss/lib/pk11wrap/pk11pars.c
|
|
||||||
@@ -1134,6 +1134,12 @@ SECMOD_LoadModule(char *modulespec,SECMODModule *parent, PRBool recurse)
|
|
||||||
|
|
||||||
for (; *index; index++) {
|
|
||||||
SECMODModule *child;
|
|
||||||
+ if (0 == PORT_Strcmp(*index, modulespec)) {
|
|
||||||
+ /* avoid trivial infinite recursion */
|
|
||||||
+ PORT_SetError(SEC_ERROR_NO_MODULE);
|
|
||||||
+ rv = SECFailure;
|
|
||||||
+ break;
|
|
||||||
+ }
|
|
||||||
child = SECMOD_LoadModule(*index,module,PR_TRUE);
|
|
||||||
if (!child) break;
|
|
||||||
if (child->isCritical && !child->loaded) {
|
|
49
545779.patch
49
545779.patch
@ -1,49 +0,0 @@
|
|||||||
Index: mozilla/security/nss/lib/sysinit/nsssysinit.c
|
|
||||||
===================================================================
|
|
||||||
RCS file: /cvsroot/mozilla/security/nss/lib/sysinit/nsssysinit.c,v
|
|
||||||
retrieving revision 1.1
|
|
||||||
diff -u -p -r1.1 nsssysinit.c
|
|
||||||
--- mozilla/security/nss/lib/sysinit/nsssysinit.c 8 Oct 2009 17:08:36 -0000 1.1
|
|
||||||
+++ mozilla/security/nss/lib/sysinit/nsssysinit.c 12 Dec 2009 03:34:17 -0000
|
|
||||||
@@ -198,11 +198,20 @@ getFIPSMode(void)
|
|
||||||
* the decision making process.
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
+static const char *nssDefaultFlags = "trustOrder=75 cipherOrder=100 \
|
|
||||||
+slotParams={0x00000001=[slotFlags=RSA,RC4,RC2,DES,DH,SHA1,MD5,MD2,SSL,TLS,AES,RANDOM \
|
|
||||||
+askpw=any timeout=30 ] } ";
|
|
||||||
+static const char *nssDefaultFIPSFlags = "trustOrder=75 cipherOrder=100 \
|
|
||||||
+slotParams={0x00000003=[slotFlags=RSA,RC4,RC2,DES,DH,SHA1,MD5,MD2,SSL,TLS,AES,RANDOM \
|
|
||||||
+askpw=any timeout=30 ] } ";
|
|
||||||
+
|
|
||||||
static char **
|
|
||||||
get_list(char *filename, char *stripped_parameters)
|
|
||||||
{
|
|
||||||
char **module_list = PORT_ZNewArray(char *, 4);
|
|
||||||
char *userdb;
|
|
||||||
+ int isFIPS = getFIPSMode();
|
|
||||||
+ const char *nssflags = isFIPS ? nssDefaultFIPSFlags : nssDefaultFlags;
|
|
||||||
int next = 0;
|
|
||||||
|
|
||||||
/* can't get any space */
|
|
||||||
@@ -217,8 +226,9 @@ get_list(char *filename, char *stripped_
|
|
||||||
"library= "
|
|
||||||
"module=\"NSS User database\" "
|
|
||||||
"parameters=\"configdir='sql:%s' %s\" "
|
|
||||||
- "NSS=\"flags=internal%s\"",
|
|
||||||
- userdb, stripped_parameters, getFIPSMode() ? ",FIPS" : "");
|
|
||||||
+ "NSS=\"%sflags=internal%s\"",
|
|
||||||
+ userdb, stripped_parameters, nssflags,
|
|
||||||
+ isFIPS ? ",FIPS" : "");
|
|
||||||
|
|
||||||
/* now open the user's defined PKCS #11 modules */
|
|
||||||
/* skip the local user DB entry */
|
|
||||||
@@ -235,7 +245,7 @@ get_list(char *filename, char *stripped_
|
|
||||||
"library= "
|
|
||||||
"module=\"NSS system database\" "
|
|
||||||
"parameters=\"configdir='sql:%s' tokenDescription='NSS system database' flags=readonly\" "
|
|
||||||
- "NSS=\"flags=internal,critical\"",filename);
|
|
||||||
+ "NSS=\"%sflags=internal,critical\"",filename, nssDefaultFlags);
|
|
||||||
|
|
||||||
/* that was the last module */
|
|
||||||
module_list[next] = 0;
|
|
85
546221.patch
85
546221.patch
@ -1,85 +0,0 @@
|
|||||||
diff -up nss-3.12.5/mozilla/security/nss/lib/sysinit/nsssysinit.c.546221 nss-3.12.5/mozilla/security/nss/lib/sysinit/nsssysinit.c
|
|
||||||
--- nss-3.12.5/mozilla/security/nss/lib/sysinit/nsssysinit.c.546221 2009-12-19 21:11:06.590930221 -0800
|
|
||||||
+++ nss-3.12.5/mozilla/security/nss/lib/sysinit/nsssysinit.c 2009-12-19 21:17:29.019931181 -0800
|
|
||||||
@@ -37,8 +37,6 @@
|
|
||||||
#include "prio.h"
|
|
||||||
#include "prprf.h"
|
|
||||||
|
|
||||||
-
|
|
||||||
-
|
|
||||||
/*
|
|
||||||
* The following provides a default example for operating systems to set up
|
|
||||||
* and manage applications loading NSS on their OS globally.
|
|
||||||
@@ -208,8 +206,8 @@ askpw=any timeout=30 ] } ";
|
|
||||||
static char **
|
|
||||||
get_list(char *filename, char *stripped_parameters)
|
|
||||||
{
|
|
||||||
- char **module_list = PORT_ZNewArray(char *, 4);
|
|
||||||
- char *userdb;
|
|
||||||
+ char **module_list = PORT_ZNewArray(char *, 5);
|
|
||||||
+ char *userdb, *sysdb;
|
|
||||||
int isFIPS = getFIPSMode();
|
|
||||||
const char *nssflags = isFIPS ? nssDefaultFIPSFlags : nssDefaultFlags;
|
|
||||||
int next = 0;
|
|
||||||
@@ -219,13 +217,20 @@ get_list(char *filename, char *stripped_
|
|
||||||
return NULL;
|
|
||||||
}
|
|
||||||
|
|
||||||
- userdb = getUserDB();
|
|
||||||
+ sysdb = getSystemDB();
|
|
||||||
+ userdb = getUserDB();
|
|
||||||
+
|
|
||||||
+ if (sysdb && !strcmp(filename, sysdb))
|
|
||||||
+ filename = NULL;
|
|
||||||
+ if (userdb && !strcmp(filename, userdb))
|
|
||||||
+ filename = NULL;
|
|
||||||
+
|
|
||||||
if (userdb != NULL) {
|
|
||||||
/* return a list of databases to open. First the user Database */
|
|
||||||
module_list[next++] = PR_smprintf(
|
|
||||||
"library= "
|
|
||||||
"module=\"NSS User database\" "
|
|
||||||
- "parameters=\"configdir='sql:%s' %s\" "
|
|
||||||
+ "parameters=\"configdir='sql:%s' %s tokenDescription='NSS user database'\" "
|
|
||||||
"NSS=\"%sflags=internal%s\"",
|
|
||||||
userdb, stripped_parameters, nssflags,
|
|
||||||
isFIPS ? ",FIPS" : "");
|
|
||||||
@@ -238,19 +243,32 @@ get_list(char *filename, char *stripped_
|
|
||||||
"parameters=\"configdir='sql:%s' %s\" "
|
|
||||||
"NSS=\"flags=internal,moduleDBOnly,defaultModDB,skipFirst\"",
|
|
||||||
userdb, stripped_parameters);
|
|
||||||
- }
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ if (filename && 0 /* This doesn't actually work. If we register
|
|
||||||
+ both this and the sysdb (in either order)
|
|
||||||
+ then only one of them actually shows up */) {
|
|
||||||
+ module_list[next++] = PR_smprintf(
|
|
||||||
+ "library= "
|
|
||||||
+ "module=\"NSS database\" "
|
|
||||||
+ "parameters=\"configdir='sql:%s' tokenDescription='NSS database sql:%s'\" "
|
|
||||||
+ "NSS=\"%sflags=internal\"",filename, filename, nssflags);
|
|
||||||
+ }
|
|
||||||
|
|
||||||
/* now the system database (always read only) */
|
|
||||||
- module_list[next++] = PR_smprintf(
|
|
||||||
- "library= "
|
|
||||||
- "module=\"NSS system database\" "
|
|
||||||
- "parameters=\"configdir='sql:%s' tokenDescription='NSS system database' flags=readonly\" "
|
|
||||||
- "NSS=\"%sflags=internal,critical\"",filename, nssDefaultFlags);
|
|
||||||
+ if (sysdb) {
|
|
||||||
+ module_list[next++] = PR_smprintf(
|
|
||||||
+ "library= "
|
|
||||||
+ "module=\"NSS system database\" "
|
|
||||||
+ "parameters=\"configdir='sql:%s' tokenDescription='NSS system database' flags=readonly\" "
|
|
||||||
+ "NSS=\"%sflags=internal,critical\"",sysdb, nssflags);
|
|
||||||
+ }
|
|
||||||
|
|
||||||
/* that was the last module */
|
|
||||||
module_list[next] = 0;
|
|
||||||
|
|
||||||
PORT_Free(userdb);
|
|
||||||
+ PORT_Free(sysdb);
|
|
||||||
|
|
||||||
return module_list;
|
|
||||||
}
|
|
109
547860.patch
109
547860.patch
@ -1,109 +0,0 @@
|
|||||||
diff -up nss-3.12.5/mozilla/security/nss/lib/sysinit/nsssysinit.c.547860 nss-3.12.5/mozilla/security/nss/lib/sysinit/nsssysinit.c
|
|
||||||
--- nss-3.12.5/mozilla/security/nss/lib/sysinit/nsssysinit.c.547860 2010-01-06 17:57:30.722388282 -0800
|
|
||||||
+++ nss-3.12.5/mozilla/security/nss/lib/sysinit/nsssysinit.c 2010-01-06 18:20:59.713397530 -0800
|
|
||||||
@@ -50,6 +50,7 @@
|
|
||||||
*/
|
|
||||||
|
|
||||||
#ifdef XP_UNIX
|
|
||||||
+#include <unistd.h>
|
|
||||||
#include <sys/stat.h>
|
|
||||||
#include <sys/types.h>
|
|
||||||
|
|
||||||
@@ -108,12 +109,26 @@ getSystemDB(void) {
|
|
||||||
return PORT_Strdup(NSS_DEFAULT_SYSTEM);
|
|
||||||
}
|
|
||||||
|
|
||||||
+static PRBool
|
|
||||||
+userIsRoot()
|
|
||||||
+{
|
|
||||||
+ /* this works for linux and all unixes that we know off
|
|
||||||
+ though it isn't stated as such in POSIX documentation */
|
|
||||||
+ return getuid() == 0;
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+static PRBool
|
|
||||||
+userCanModifySystemDB()
|
|
||||||
+{
|
|
||||||
+ return (access(NSS_DEFAULT_SYSTEM, W_OK) == 0);
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
#else
|
|
||||||
#ifdef XP_WIN
|
|
||||||
static char *
|
|
||||||
getUserDB(void)
|
|
||||||
{
|
|
||||||
- /* use the registry to find the user's NSS_DIR. if no entry exists, creaate
|
|
||||||
+ /* use the registry to find the user's NSS_DIR. if no entry exists, create
|
|
||||||
* one in the users Appdir location */
|
|
||||||
return NULL;
|
|
||||||
}
|
|
||||||
@@ -121,13 +136,28 @@ getUserDB(void)
|
|
||||||
static char *
|
|
||||||
getSystemDB(void)
|
|
||||||
{
|
|
||||||
- /* use the registry to find the system's NSS_DIR. if no entry exists, creaate
|
|
||||||
+ /* use the registry to find the system's NSS_DIR. if no entry exists, create
|
|
||||||
* one based on the windows system data area */
|
|
||||||
return NULL;
|
|
||||||
}
|
|
||||||
|
|
||||||
+static PRBool
|
|
||||||
+userIsRoot()
|
|
||||||
+{
|
|
||||||
+ /* use the registry to find if the user is the system administrator. */
|
|
||||||
+ return PR_FALSE;
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+static PRBool
|
|
||||||
+userCanModifySystemDB()
|
|
||||||
+{
|
|
||||||
+ /* use the registry to find if the user has administrative privilege
|
|
||||||
+ * to modify the system's nss database. */
|
|
||||||
+ return PR_FALSE;
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
#else
|
|
||||||
-#error "Need to write getUserDB and get SystemDB functions"
|
|
||||||
+#error "Need to write getUserDB, SystemDB, userIsRoot, and userCanModifySystemDB functions"
|
|
||||||
#endif
|
|
||||||
#endif
|
|
||||||
|
|
||||||
@@ -225,7 +255,8 @@ get_list(char *filename, char *stripped_
|
|
||||||
if (userdb && !strcmp(filename, userdb))
|
|
||||||
filename = NULL;
|
|
||||||
|
|
||||||
- if (userdb != NULL) {
|
|
||||||
+ /* Don't open root's user DB */
|
|
||||||
+ if (userdb != NULL && !userIsRoot()) {
|
|
||||||
/* return a list of databases to open. First the user Database */
|
|
||||||
module_list[next++] = PR_smprintf(
|
|
||||||
"library= "
|
|
||||||
@@ -245,7 +276,8 @@ get_list(char *filename, char *stripped_
|
|
||||||
userdb, stripped_parameters);
|
|
||||||
}
|
|
||||||
|
|
||||||
- if (filename && 0 /* This doesn't actually work. If we register
|
|
||||||
+ if (filename && !userIsRoot() && 0
|
|
||||||
+ /* This doesn't actually work. If we register
|
|
||||||
both this and the sysdb (in either order)
|
|
||||||
then only one of them actually shows up */) {
|
|
||||||
module_list[next++] = PR_smprintf(
|
|
||||||
@@ -255,13 +287,14 @@ get_list(char *filename, char *stripped_
|
|
||||||
"NSS=\"%sflags=internal\"",filename, filename, nssflags);
|
|
||||||
}
|
|
||||||
|
|
||||||
- /* now the system database (always read only) */
|
|
||||||
+ /* now the system database (always read only unless it's root) */
|
|
||||||
if (sysdb) {
|
|
||||||
- module_list[next++] = PR_smprintf(
|
|
||||||
+ const char *readonly = userCanModifySystemDB() ? "" : "flags=readonly";
|
|
||||||
+ module_list[next++] = PR_smprintf(
|
|
||||||
"library= "
|
|
||||||
"module=\"NSS system database\" "
|
|
||||||
- "parameters=\"configdir='sql:%s' tokenDescription='NSS system database' flags=readonly\" "
|
|
||||||
- "NSS=\"%sflags=internal,critical\"",sysdb, nssflags);
|
|
||||||
+ "parameters=\"configdir='sql:%s' tokenDescription='NSS system database' %s\" "
|
|
||||||
+ "NSS=\"%sflags=internal,critical\"",sysdb, readonly, nssflags);
|
|
||||||
}
|
|
||||||
|
|
||||||
/* that was the last module */
|
|
97
553638.patch
97
553638.patch
@ -1,97 +0,0 @@
|
|||||||
diff -up nss-3.12.5/mozilla/security/nss/lib/sysinit/nsssysinit.c.553638 nss-3.12.5/mozilla/security/nss/lib/sysinit/nsssysinit.c
|
|
||||||
--- nss-3.12.5/mozilla/security/nss/lib/sysinit/nsssysinit.c.553638 2010-01-25 08:58:42.358325102 -0800
|
|
||||||
+++ nss-3.12.5/mozilla/security/nss/lib/sysinit/nsssysinit.c 2010-01-25 09:07:20.028324059 -0800
|
|
||||||
@@ -36,6 +36,7 @@
|
|
||||||
#include "seccomon.h"
|
|
||||||
#include "prio.h"
|
|
||||||
#include "prprf.h"
|
|
||||||
+#include "plhash.h"
|
|
||||||
|
|
||||||
/*
|
|
||||||
* The following provides a default example for operating systems to set up
|
|
||||||
@@ -212,6 +213,25 @@ getFIPSMode(void)
|
|
||||||
|
|
||||||
#define NSS_DEFAULT_FLAGS "flags=readonly"
|
|
||||||
|
|
||||||
+/* configuration flags according to
|
|
||||||
+ * https://developer.mozilla.org/en/PKCS11_Module_Specs
|
|
||||||
+ * As stated there the slotParams start with a slot name which is a slotID
|
|
||||||
+ * Slots 1 through 3 are reserved for the nss internal modules as follows:
|
|
||||||
+ * 1 for crypto operations slot non-fips,
|
|
||||||
+ * 2 for the key slot, and
|
|
||||||
+ * 3 for the crypto operations slot fips
|
|
||||||
+ */
|
|
||||||
+#define ORDER_FLAGS "trustOrder=75 cipherOrder=100"
|
|
||||||
+#define SLOT_FLAGS \
|
|
||||||
+ "[slotFlags=RSA,RC4,RC2,DES,DH,SHA1,MD5,MD2,SSL,TLS,AES,RANDOM" \
|
|
||||||
+ " askpw=any timeout=30 ]"
|
|
||||||
+
|
|
||||||
+static const char *nssDefaultFlags =
|
|
||||||
+ ORDER_FLAGS " slotParams={0x00000001=" SLOT_FLAGS " } ";
|
|
||||||
+
|
|
||||||
+static const char *nssDefaultFIPSFlags =
|
|
||||||
+ ORDER_FLAGS " slotParams={0x00000003=" SLOT_FLAGS " } ";
|
|
||||||
+
|
|
||||||
/*
|
|
||||||
* This function builds the list of databases and modules to load, and sets
|
|
||||||
* their configuration. For the sample we have a fixed set.
|
|
||||||
@@ -226,13 +246,6 @@ getFIPSMode(void)
|
|
||||||
* the decision making process.
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
-static const char *nssDefaultFlags = "trustOrder=75 cipherOrder=100 \
|
|
||||||
-slotParams={0x00000001=[slotFlags=RSA,RC4,RC2,DES,DH,SHA1,MD5,MD2,SSL,TLS,AES,RANDOM \
|
|
||||||
-askpw=any timeout=30 ] } ";
|
|
||||||
-static const char *nssDefaultFIPSFlags = "trustOrder=75 cipherOrder=100 \
|
|
||||||
-slotParams={0x00000003=[slotFlags=RSA,RC4,RC2,DES,DH,SHA1,MD5,MD2,SSL,TLS,AES,RANDOM \
|
|
||||||
-askpw=any timeout=30 ] } ";
|
|
||||||
-
|
|
||||||
static char **
|
|
||||||
get_list(char *filename, char *stripped_parameters)
|
|
||||||
{
|
|
||||||
@@ -250,11 +263,6 @@ get_list(char *filename, char *stripped_
|
|
||||||
sysdb = getSystemDB();
|
|
||||||
userdb = getUserDB();
|
|
||||||
|
|
||||||
- if (sysdb && !strcmp(filename, sysdb))
|
|
||||||
- filename = NULL;
|
|
||||||
- if (userdb && !strcmp(filename, userdb))
|
|
||||||
- filename = NULL;
|
|
||||||
-
|
|
||||||
/* Don't open root's user DB */
|
|
||||||
if (userdb != NULL && !userIsRoot()) {
|
|
||||||
/* return a list of databases to open. First the user Database */
|
|
||||||
@@ -276,16 +284,29 @@ get_list(char *filename, char *stripped_
|
|
||||||
userdb, stripped_parameters);
|
|
||||||
}
|
|
||||||
|
|
||||||
- if (filename && !userIsRoot() && 0
|
|
||||||
- /* This doesn't actually work. If we register
|
|
||||||
- both this and the sysdb (in either order)
|
|
||||||
- then only one of them actually shows up */) {
|
|
||||||
+#if 0
|
|
||||||
+ /* This doesn't actually work. If we register
|
|
||||||
+ both this and the sysdb (in either order)
|
|
||||||
+ then only one of them actually shows up */
|
|
||||||
+
|
|
||||||
+ /* Using a NULL filename as a Boolean flag to
|
|
||||||
+ * prevent registering both an application-defined
|
|
||||||
+ * db and the system db. rhbz #546211.
|
|
||||||
+ */
|
|
||||||
+ PORT_Assert(filename);
|
|
||||||
+ if (sysdb && PL_CompareStrings(filename, sysdb))
|
|
||||||
+ filename = NULL;
|
|
||||||
+ else if (userdb && PL_CompareStrings(filename, userdb))
|
|
||||||
+ filename = NULL;
|
|
||||||
+
|
|
||||||
+ if (filename && !userIsRoot()) {
|
|
||||||
module_list[next++] = PR_smprintf(
|
|
||||||
"library= "
|
|
||||||
"module=\"NSS database\" "
|
|
||||||
"parameters=\"configdir='sql:%s' tokenDescription='NSS database sql:%s'\" "
|
|
||||||
"NSS=\"%sflags=internal\"",filename, filename, nssflags);
|
|
||||||
}
|
|
||||||
+#endif
|
|
||||||
|
|
||||||
/* now the system database (always read only unless it's root) */
|
|
||||||
if (sysdb) {
|
|
@ -1,14 +0,0 @@
|
|||||||
--- ./mozilla/security/nss/cmd/platlibs.mk.withrpath 2007-02-19 07:17:06.000000000 +0100
|
|
||||||
+++ ./mozilla/security/nss/cmd/platlibs.mk 2007-02-19 07:18:07.000000000 +0100
|
|
||||||
@@ -52,9 +52,9 @@
|
|
||||||
|
|
||||||
ifeq ($(OS_ARCH), Linux)
|
|
||||||
ifeq ($(USE_64), 1)
|
|
||||||
-EXTRA_SHARED_LIBS += -Wl,-rpath,'$$ORIGIN/../lib64:$$ORIGIN/../lib'
|
|
||||||
+#EXTRA_SHARED_LIBS += -Wl,-rpath,'$$ORIGIN/../lib64:$$ORIGIN/../lib'
|
|
||||||
else
|
|
||||||
-EXTRA_SHARED_LIBS += -Wl,-rpath,'$$ORIGIN/../lib'
|
|
||||||
+#EXTRA_SHARED_LIBS += -Wl,-rpath,'$$ORIGIN/../lib'
|
|
||||||
endif
|
|
||||||
endif
|
|
||||||
|
|
@ -1,26 +1,26 @@
|
|||||||
diff -up ./mozilla/security/nss/lib/Makefile.nolocalsql ./mozilla/security/nss/lib/Makefile
|
diff -up ./mozilla/security/nss/lib/Makefile.nolocalsql ./mozilla/security/nss/lib/Makefile
|
||||||
--- ./mozilla/security/nss/lib/Makefile.nolocalsql 2007-07-19 23:36:49.000000000 +0200
|
--- ./mozilla/security/nss/lib/Makefile.nolocalsql 2010-02-27 16:40:25.891777537 -0800
|
||||||
+++ ./mozilla/security/nss/lib/Makefile 2009-04-14 17:07:40.000000000 +0200
|
+++ ./mozilla/security/nss/lib/Makefile 2010-02-27 16:41:59.175902327 -0800
|
||||||
@@ -62,11 +62,11 @@ ifeq ($(OS_TARGET), WINCE)
|
@@ -62,11 +62,11 @@ ifndef USE_SYSTEM_ZLIB
|
||||||
DIRS := $(filter-out fortcrypt,$(DIRS))
|
ZLIB_SRCDIR = zlib # Add the zlib directory to DIRS.
|
||||||
endif
|
endif
|
||||||
|
|
||||||
-ifndef MOZILLA_CLIENT
|
-ifndef MOZILLA_CLIENT
|
||||||
-ifndef NSS_USE_SYSTEM_SQLITE
|
-ifndef NSS_USE_SYSTEM_SQLITE
|
||||||
-DIRS := sqlite $(DIRS)
|
-SQLITE_SRCDIR = sqlite # Add the sqlite directory to DIRS.
|
||||||
-endif
|
-endif
|
||||||
-endif
|
-endif
|
||||||
+#ifndef MOZILLA_CLIENT
|
+#ifndef MOZILLA_CLIENT
|
||||||
+#ifndef NSS_USE_SYSTEM_SQLITE
|
+#ifndef NSS_USE_SYSTEM_SQLITE
|
||||||
+#DIRS := sqlite $(DIRS)
|
+#SQLITE_SRCDIR = sqlite # Add the sqlite directory to DIRS.
|
||||||
+#endif
|
+#endif
|
||||||
+#endif
|
+#endif
|
||||||
|
|
||||||
#######################################################################
|
ifndef MOZILLA_CLIENT
|
||||||
# (5) Execute "global" rules. (OPTIONAL) #
|
ifeq ($(OS_ARCH),Linux)
|
||||||
diff -up ./mozilla/security/nss/lib/softoken/legacydb/manifest.mn.nolocalsql ./mozilla/security/nss/lib/softoken/legacydb/manifest.mn
|
diff -up ./mozilla/security/nss/lib/softoken/legacydb/manifest.mn.nolocalsql ./mozilla/security/nss/lib/softoken/legacydb/manifest.mn
|
||||||
--- ./mozilla/security/nss/lib/softoken/legacydb/manifest.mn.nolocalsql 2007-07-19 23:36:50.000000000 +0200
|
--- ./mozilla/security/nss/lib/softoken/legacydb/manifest.mn.nolocalsql 2010-02-27 16:44:24.998777709 -0800
|
||||||
+++ ./mozilla/security/nss/lib/softoken/legacydb/manifest.mn 2009-04-14 17:07:40.000000000 +0200
|
+++ ./mozilla/security/nss/lib/softoken/legacydb/manifest.mn 2010-02-27 16:45:08.533803472 -0800
|
||||||
@@ -46,9 +46,9 @@ MAPFILE = $(OBJDIR)/nssdbm.def
|
@@ -46,9 +46,9 @@ MAPFILE = $(OBJDIR)/nssdbm.def
|
||||||
|
|
||||||
DEFINES += -DSHLIB_SUFFIX=\"$(DLL_SUFFIX)\" -DSHLIB_PREFIX=\"$(DLL_PREFIX)\" -DSOFTOKEN_LIB_NAME=\"$(notdir $(SHARED_LIBRARY))\"
|
DEFINES += -DSHLIB_SUFFIX=\"$(DLL_SUFFIX)\" -DSHLIB_PREFIX=\"$(DLL_PREFIX)\" -DSOFTOKEN_LIB_NAME=\"$(notdir $(SHARED_LIBRARY))\"
|
||||||
@ -35,8 +35,8 @@ diff -up ./mozilla/security/nss/lib/softoken/legacydb/manifest.mn.nolocalsql ./m
|
|||||||
CSRCS = \
|
CSRCS = \
|
||||||
dbmshim.c \
|
dbmshim.c \
|
||||||
diff -up ./mozilla/security/nss/lib/softoken/manifest.mn.nolocalsql ./mozilla/security/nss/lib/softoken/manifest.mn
|
diff -up ./mozilla/security/nss/lib/softoken/manifest.mn.nolocalsql ./mozilla/security/nss/lib/softoken/manifest.mn
|
||||||
--- ./mozilla/security/nss/lib/softoken/manifest.mn.nolocalsql 2009-03-25 17:21:37.000000000 +0100
|
--- ./mozilla/security/nss/lib/softoken/manifest.mn.nolocalsql 2010-02-27 16:42:52.213902231 -0800
|
||||||
+++ ./mozilla/security/nss/lib/softoken/manifest.mn 2009-04-14 17:07:40.000000000 +0200
|
+++ ./mozilla/security/nss/lib/softoken/manifest.mn 2010-02-27 16:43:34.040776788 -0800
|
||||||
@@ -47,9 +47,9 @@ MAPFILE = $(OBJDIR)/softokn.def
|
@@ -47,9 +47,9 @@ MAPFILE = $(OBJDIR)/softokn.def
|
||||||
|
|
||||||
DEFINES += -DSHLIB_SUFFIX=\"$(DLL_SUFFIX)\" -DSHLIB_PREFIX=\"$(DLL_PREFIX)\" -DSOFTOKEN_LIB_NAME=\"$(notdir $(SHARED_LIBRARY))\" -DSHLIB_VERSION=\"$(LIBRARY_VERSION)\"
|
DEFINES += -DSHLIB_SUFFIX=\"$(DLL_SUFFIX)\" -DSHLIB_PREFIX=\"$(DLL_PREFIX)\" -DSOFTOKEN_LIB_NAME=\"$(notdir $(SHARED_LIBRARY))\" -DSHLIB_VERSION=\"$(LIBRARY_VERSION)\"
|
||||||
|
@ -1,15 +0,0 @@
|
|||||||
Index: mozilla/security/nss/lib/manifest.mn
|
|
||||||
===================================================================
|
|
||||||
RCS file: /cvsroot/mozilla/security/nss/lib/manifest.mn,v
|
|
||||||
retrieving revision 1.20
|
|
||||||
diff -u -p -r1.20 manifest.mn
|
|
||||||
--- mozilla/security/nss/lib/manifest.mn 7 Nov 2009 05:57:41 -0000 1.20
|
|
||||||
+++ mozilla/security/nss/lib/manifest.mn 4 Dec 2009 02:27:20 -0000
|
|
||||||
@@ -56,6 +56,7 @@ DIRS = util freebl softoken \
|
|
||||||
pkcs12 pkcs7 smime \
|
|
||||||
crmf jar \
|
|
||||||
ckfw \
|
|
||||||
+ sysinit \
|
|
||||||
$(NULL)
|
|
||||||
|
|
||||||
# fortcrypt is no longer built
|
|
51
nss.spec
51
nss.spec
@ -1,24 +1,24 @@
|
|||||||
%global nspr_version 4.8
|
%global nspr_version 4.8.4
|
||||||
%global nss_util_version 3.12.5
|
%global nss_util_version 3.12.6
|
||||||
%global nss_softokn_version 3.12.4
|
%global nss_softokn_version 3.12.4
|
||||||
%global nss_softokn_fips_version 3.12.4
|
%global nss_softokn_fips_version 3.12.4
|
||||||
%global unsupported_tools_directory %{_libdir}/nss/unsupported-tools
|
%global unsupported_tools_directory %{_libdir}/nss/unsupported-tools
|
||||||
|
|
||||||
Summary: Network Security Services
|
Summary: Network Security Services
|
||||||
Name: nss
|
Name: nss
|
||||||
Version: 3.12.5
|
Version: 3.12.6
|
||||||
Release: 9%{?dist}
|
Release: 1.2%{?dist}
|
||||||
License: MPLv1.1 or GPLv2+ or LGPLv2+
|
License: MPLv1.1 or GPLv2+ or LGPLv2+
|
||||||
URL: http://www.mozilla.org/projects/security/pki/nss/
|
URL: http://www.mozilla.org/projects/security/pki/nss/
|
||||||
Group: System Environment/Libraries
|
Group: System Environment/Libraries
|
||||||
Requires: nspr >= %{nspr_version}
|
Requires: nspr >= %{nspr_version}
|
||||||
Requires: nss-util >= %{nss_util_version}
|
Requires: nss-util = %{nss_util_version}
|
||||||
Requires: nss-softokn%{_isa} = %{nss_softokn_fips_version}
|
Requires: nss-softokn%{_isa} = %{nss_softokn_fips_version}
|
||||||
Requires: nss-system-init
|
Requires: nss-system-init
|
||||||
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
|
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
|
||||||
BuildRequires: nspr-devel >= %{nspr_version}
|
BuildRequires: nspr-devel >= %{nspr_version}
|
||||||
BuildRequires: nss-softokn-devel = %{nss_softokn_version}
|
BuildRequires: nss-softokn-devel = %{nss_softokn_version}
|
||||||
BuildRequires: nss-util-devel >= %{nss_util_version}
|
BuildRequires: nss-util-devel = %{nss_util_version}
|
||||||
BuildRequires: sqlite-devel
|
BuildRequires: sqlite-devel
|
||||||
BuildRequires: zlib-devel
|
BuildRequires: zlib-devel
|
||||||
BuildRequires: pkgconfig
|
BuildRequires: pkgconfig
|
||||||
@ -40,14 +40,9 @@ Source9: setup-nsssysinit.sh
|
|||||||
Source12: %{name}-pem-20091210.tar.bz2
|
Source12: %{name}-pem-20091210.tar.bz2
|
||||||
|
|
||||||
Patch2: nss-nolocalsql.patch
|
Patch2: nss-nolocalsql.patch
|
||||||
|
Patch3: renegotiate-transitional.patch
|
||||||
|
Patch4: validate-arguments.patch
|
||||||
Patch6: nss-enable-pem.patch
|
Patch6: nss-enable-pem.patch
|
||||||
Patch7: 533125-ammend.patch
|
|
||||||
Patch8: nss-sysinit.patch
|
|
||||||
Patch9: 540387.patch
|
|
||||||
Patch10: 545779.patch
|
|
||||||
Patch11: 546221.patch
|
|
||||||
Patch12: 547860.patch
|
|
||||||
Patch13: 553638.patch
|
|
||||||
|
|
||||||
%description
|
%description
|
||||||
Network Security Services (NSS) is a set of libraries designed to
|
Network Security Services (NSS) is a set of libraries designed to
|
||||||
@ -112,15 +107,11 @@ low level services.
|
|||||||
%setup -q
|
%setup -q
|
||||||
%setup -q -T -D -n %{name}-%{version} -a 12
|
%setup -q -T -D -n %{name}-%{version} -a 12
|
||||||
|
|
||||||
%patch2 -p0
|
%patch2 -p0 -b .nolocalsql
|
||||||
|
%patch3 -p0 -b .transitional
|
||||||
|
%patch4 -p0 -b .validate
|
||||||
%patch6 -p0 -b .libpem
|
%patch6 -p0 -b .libpem
|
||||||
%patch7 -p0 -b .533125
|
|
||||||
%patch8 -p0 -b .sysinit
|
|
||||||
%patch9 -p1 -b .540387
|
|
||||||
%patch10 -p0 -b .545779
|
|
||||||
%patch11 -p1 -b .546221
|
|
||||||
%patch12 -p1 -b .547860
|
|
||||||
%patch13 -p1 -b .553638
|
|
||||||
|
|
||||||
%build
|
%build
|
||||||
|
|
||||||
@ -242,10 +233,16 @@ rm -rf ./mozilla/tests_results
|
|||||||
cd ./mozilla/security/nss/tests/
|
cd ./mozilla/security/nss/tests/
|
||||||
# all.sh is the test suite script
|
# all.sh is the test suite script
|
||||||
|
|
||||||
|
# don't need to run all the tests when testing packaging
|
||||||
|
# nss_cycles: standard pkix upgradedb sharedb
|
||||||
|
# nss_tests: cipher libpkix cert dbtests tools fips sdr crmf smime ssl ocsp merge pkits chains
|
||||||
|
# nss_ssl_tests: crl bypass_normal normal_bypass normal_fips fips_normal iopr
|
||||||
|
# nss_ssl_run: cov auth stress
|
||||||
|
|
||||||
# Temporarily disabling the ssl test suites
|
# Temporarily disabling the ssl test suites
|
||||||
# until bug 539183 gets resolved
|
# until bug 539183 gets resolved
|
||||||
%global nss_ssl_tests " "
|
#%global nss_ssl_tests " "
|
||||||
%global nss_ssl_run " "
|
#%global nss_ssl_run " "
|
||||||
|
|
||||||
HOST=localhost DOMSUF=localdomain PORT=$MYRAND NSS_CYCLES=%{?nss_cycles} NSS_TESTS=%{?nss_tests} NSS_SSL_TESTS=%{?nss_ssl_tests} NSS_SSL_RUN=%{?nss_ssl_run} ./all.sh
|
HOST=localhost DOMSUF=localdomain PORT=$MYRAND NSS_CYCLES=%{?nss_cycles} NSS_TESTS=%{?nss_tests} NSS_SSL_TESTS=%{?nss_ssl_tests} NSS_SSL_RUN=%{?nss_ssl_run} ./all.sh
|
||||||
|
|
||||||
@ -487,6 +484,14 @@ rm -rf $RPM_BUILD_ROOT/%{_includedir}/nss3/nsslowhash.h
|
|||||||
|
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Sat Mar 06 2010 Elio Maldonado <emaldona@redhat.com> - 3.12.6-1.2
|
||||||
|
- Rebuilt with all tests enabled
|
||||||
|
|
||||||
|
* Sat Mar 06 2010 Elio Maldonado <emaldona@redhat.com> - 3.12.6-1.1
|
||||||
|
- Update to 3.12.6
|
||||||
|
- Using SSL_RENEGOTIATE_TRANSITIONAL as default while on transition period
|
||||||
|
- Patch tools to validate command line options arguments
|
||||||
|
|
||||||
* Mon Jan 25 2010 Elio Maldonado <emaldona@redhat.com> - 3.12.5-8
|
* Mon Jan 25 2010 Elio Maldonado <emaldona@redhat.com> - 3.12.5-8
|
||||||
- Fix curl related regression and general patch code clean up
|
- Fix curl related regression and general patch code clean up
|
||||||
|
|
||||||
|
16
renegotiate-transitional.patch
Normal file
16
renegotiate-transitional.patch
Normal file
@ -0,0 +1,16 @@
|
|||||||
|
Index: ./mozilla/security/nss/lib/ssl/sslsock.c
|
||||||
|
===================================================================
|
||||||
|
RCS file: /cvsroot/mozilla/security/nss/lib/ssl/sslsock.c,v
|
||||||
|
retrieving revision 1.66
|
||||||
|
diff -u -p -r1.66 sslsock.c
|
||||||
|
--- ./mozilla/security/nss/lib/ssl/sslsock.c 26 Feb 2010 20:44:54 -0000 1.66
|
||||||
|
+++ ./mozilla/security/nss/lib/ssl/sslsock.c 1 Mar 2010 18:05:10 -0000
|
||||||
|
@@ -181,7 +181,7 @@ static sslOptions ssl_defaults = {
|
||||||
|
PR_FALSE, /* noLocks */
|
||||||
|
PR_FALSE, /* enableSessionTickets */
|
||||||
|
PR_FALSE, /* enableDeflate */
|
||||||
|
- 2, /* enableRenegotiation (default: requires extension) */
|
||||||
|
+ 3, /* enableRenegotiation (default: transitional)
|
||||||
|
PR_FALSE, /* requireSafeNegotiation */
|
||||||
|
};
|
||||||
|
|
2
sources
2
sources
@ -1,4 +1,4 @@
|
|||||||
51c5958153b6c01fada2e74cedc66835 nss-3.12.5-stripped.tar.bz2
|
3902499c8e02b02d4944f21d3c6a839f nss-3.12.6-stripped.tar.bz2
|
||||||
82c2c72c961f2783c8e975a42fa939cf nss-pem-20091210.tar.bz2
|
82c2c72c961f2783c8e975a42fa939cf nss-pem-20091210.tar.bz2
|
||||||
a5ae49867124ac75f029a9a33af31bad blank-cert8.db
|
a5ae49867124ac75f029a9a33af31bad blank-cert8.db
|
||||||
9315689bbd9f28ceebd47894f99fccbd blank-key3.db
|
9315689bbd9f28ceebd47894f99fccbd blank-key3.db
|
||||||
|
720
validate-arguments.patch
Normal file
720
validate-arguments.patch
Normal file
@ -0,0 +1,720 @@
|
|||||||
|
Index: ./mozilla/security/nss/cmd/p7content/p7content.c
|
||||||
|
===================================================================
|
||||||
|
RCS file: /cvsroot/mozilla/security/nss/cmd/p7content/p7content.c,v
|
||||||
|
retrieving revision 1.12
|
||||||
|
diff -u -p -r1.12 p7content.c
|
||||||
|
--- ./mozilla/security/nss/cmd/p7content/p7content.c 4 Aug 2008 22:58:31 -0000 1.12
|
||||||
|
+++ ./mozilla/security/nss/cmd/p7content/p7content.c 2 Mar 2010 18:29:48 -0000
|
||||||
|
@@ -64,7 +64,7 @@ extern int fprintf(FILE *, char *, ...);
|
||||||
|
|
||||||
|
|
||||||
|
static void
|
||||||
|
-Usage(char *progName)
|
||||||
|
+Usage(const char *progName)
|
||||||
|
{
|
||||||
|
fprintf(stderr,
|
||||||
|
"Usage: %s [-d dbdir] [-i input] [-o output]\n",
|
||||||
|
@@ -195,6 +195,15 @@ DecodeAndPrintFile(FILE *out, PRFileDesc
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
+static void
|
||||||
|
+PrintMsgAndExit(const char *progName, char opt)
|
||||||
|
+{
|
||||||
|
+ fprintf(stderr, "%s: option -%c requires argument\n", progName, opt);
|
||||||
|
+ Usage(progName);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+#define REQUIRE_ARG(opt,value) if (!(value)) PrintMsgAndExit(progName, opt)
|
||||||
|
+
|
||||||
|
/*
|
||||||
|
* Print the contents of a PKCS7 message, indicating signatures, etc.
|
||||||
|
*/
|
||||||
|
@@ -222,10 +231,12 @@ main(int argc, char **argv)
|
||||||
|
while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
|
||||||
|
switch (optstate->option) {
|
||||||
|
case 'd':
|
||||||
|
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||||
|
SECU_ConfigDirectory(optstate->value);
|
||||||
|
break;
|
||||||
|
|
||||||
|
case 'i':
|
||||||
|
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||||
|
inFile = PR_Open(optstate->value, PR_RDONLY, 0);
|
||||||
|
if (!inFile) {
|
||||||
|
fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
|
||||||
|
@@ -235,6 +246,7 @@ main(int argc, char **argv)
|
||||||
|
break;
|
||||||
|
|
||||||
|
case 'o':
|
||||||
|
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||||
|
outFile = fopen(optstate->value, "w");
|
||||||
|
if (!outFile) {
|
||||||
|
fprintf(stderr, "%s: unable to open \"%s\" for writing\n",
|
||||||
|
@@ -244,11 +256,13 @@ main(int argc, char **argv)
|
||||||
|
break;
|
||||||
|
|
||||||
|
case 'p':
|
||||||
|
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||||
|
pwdata.source = PW_PLAINTEXT;
|
||||||
|
pwdata.data = PORT_Strdup (optstate->value);
|
||||||
|
break;
|
||||||
|
|
||||||
|
case 'f':
|
||||||
|
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||||
|
pwdata.source = PW_FROMFILE;
|
||||||
|
pwdata.data = PORT_Strdup (optstate->value);
|
||||||
|
break;
|
||||||
|
Index: ./mozilla/security/nss/cmd/p7env/p7env.c
|
||||||
|
===================================================================
|
||||||
|
RCS file: /cvsroot/mozilla/security/nss/cmd/p7env/p7env.c,v
|
||||||
|
retrieving revision 1.10
|
||||||
|
diff -u -p -r1.10 p7env.c
|
||||||
|
--- ./mozilla/security/nss/cmd/p7env/p7env.c 11 Feb 2010 02:39:47 -0000 1.10
|
||||||
|
+++ ./mozilla/security/nss/cmd/p7env/p7env.c 2 Mar 2010 18:29:48 -0000
|
||||||
|
@@ -63,7 +63,7 @@ extern int fprintf(FILE *, char *, ...);
|
||||||
|
|
||||||
|
|
||||||
|
static void
|
||||||
|
-Usage(char *progName)
|
||||||
|
+Usage(const char *progName)
|
||||||
|
{
|
||||||
|
fprintf(stderr,
|
||||||
|
"Usage: %s -r recipient [-d dbdir] [-i input] [-o output]\n",
|
||||||
|
@@ -159,6 +159,15 @@ EncryptFile(FILE *outFile, FILE *inFile,
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
+static void
|
||||||
|
+PrintMsgAndExit(const char *progName, char opt)
|
||||||
|
+{
|
||||||
|
+ fprintf(stderr, "%s: option -%c requires argument\n", progName, opt);
|
||||||
|
+ Usage(progName);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+#define REQUIRE_ARG(opt,value) if (!(value)) PrintMsgAndExit(progName, opt)
|
||||||
|
+
|
||||||
|
int
|
||||||
|
main(int argc, char **argv)
|
||||||
|
{
|
||||||
|
@@ -194,10 +203,12 @@ main(int argc, char **argv)
|
||||||
|
break;
|
||||||
|
|
||||||
|
case 'd':
|
||||||
|
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||||
|
SECU_ConfigDirectory(optstate->value);
|
||||||
|
break;
|
||||||
|
|
||||||
|
case 'i':
|
||||||
|
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||||
|
inFile = fopen(optstate->value, "r");
|
||||||
|
if (!inFile) {
|
||||||
|
fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
|
||||||
|
@@ -207,6 +218,7 @@ main(int argc, char **argv)
|
||||||
|
break;
|
||||||
|
|
||||||
|
case 'o':
|
||||||
|
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||||
|
outFile = fopen(optstate->value, "wb");
|
||||||
|
if (!outFile) {
|
||||||
|
fprintf(stderr, "%s: unable to open \"%s\" for writing\n",
|
||||||
|
@@ -216,6 +228,7 @@ main(int argc, char **argv)
|
||||||
|
break;
|
||||||
|
|
||||||
|
case 'r':
|
||||||
|
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||||
|
if (rcpt == NULL) {
|
||||||
|
recipients = rcpt = PORT_Alloc (sizeof(struct recipient));
|
||||||
|
} else {
|
||||||
|
Index: ./mozilla/security/nss/cmd/p7sign/p7sign.c
|
||||||
|
===================================================================
|
||||||
|
RCS file: /cvsroot/mozilla/security/nss/cmd/p7sign/p7sign.c,v
|
||||||
|
retrieving revision 1.14
|
||||||
|
diff -u -p -r1.14 p7sign.c
|
||||||
|
--- ./mozilla/security/nss/cmd/p7sign/p7sign.c 4 Aug 2008 22:58:28 -0000 1.14
|
||||||
|
+++ ./mozilla/security/nss/cmd/p7sign/p7sign.c 2 Mar 2010 18:29:48 -0000
|
||||||
|
@@ -67,7 +67,7 @@ extern int fprintf(FILE *, char *, ...);
|
||||||
|
static secuPWData pwdata = { PW_NONE, 0 };
|
||||||
|
|
||||||
|
static void
|
||||||
|
-Usage(char *progName)
|
||||||
|
+Usage(const char *progName)
|
||||||
|
{
|
||||||
|
fprintf(stderr,
|
||||||
|
"Usage: %s -k keyname [-d keydir] [-i input] [-o output]\n",
|
||||||
|
@@ -173,6 +173,15 @@ SignFile(FILE *outFile, PRFileDesc *inFi
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
+static void
|
||||||
|
+PrintMsgAndExit(const char *progName, char opt)
|
||||||
|
+{
|
||||||
|
+ fprintf(stderr, "%s: option -%c requires argument\n", progName, opt);
|
||||||
|
+ Usage(progName);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+#define REQUIRE_ARG(opt,value) if (!(value)) PrintMsgAndExit(progName, opt)
|
||||||
|
+
|
||||||
|
int
|
||||||
|
main(int argc, char **argv)
|
||||||
|
{
|
||||||
|
@@ -210,10 +219,12 @@ main(int argc, char **argv)
|
||||||
|
break;
|
||||||
|
|
||||||
|
case 'd':
|
||||||
|
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||||
|
SECU_ConfigDirectory(optstate->value);
|
||||||
|
break;
|
||||||
|
|
||||||
|
case 'i':
|
||||||
|
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||||
|
inFile = PR_Open(optstate->value, PR_RDONLY, 0);
|
||||||
|
if (!inFile) {
|
||||||
|
fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
|
||||||
|
@@ -223,10 +234,12 @@ main(int argc, char **argv)
|
||||||
|
break;
|
||||||
|
|
||||||
|
case 'k':
|
||||||
|
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||||
|
keyName = strdup(optstate->value);
|
||||||
|
break;
|
||||||
|
|
||||||
|
case 'o':
|
||||||
|
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||||
|
outFile = fopen(optstate->value, "wb");
|
||||||
|
if (!outFile) {
|
||||||
|
fprintf(stderr, "%s: unable to open \"%s\" for writing\n",
|
||||||
|
@@ -235,11 +248,13 @@ main(int argc, char **argv)
|
||||||
|
}
|
||||||
|
break;
|
||||||
|
case 'p':
|
||||||
|
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||||
|
pwdata.source = PW_PLAINTEXT;
|
||||||
|
pwdata.data = strdup (optstate->value);
|
||||||
|
break;
|
||||||
|
|
||||||
|
case 'f':
|
||||||
|
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||||
|
pwdata.source = PW_FROMFILE;
|
||||||
|
pwdata.data = PORT_Strdup (optstate->value);
|
||||||
|
break;
|
||||||
|
Index: ./mozilla/security/nss/cmd/p7verify/p7verify.c
|
||||||
|
===================================================================
|
||||||
|
RCS file: /cvsroot/mozilla/security/nss/cmd/p7verify/p7verify.c,v
|
||||||
|
retrieving revision 1.10
|
||||||
|
diff -u -p -r1.10 p7verify.c
|
||||||
|
--- ./mozilla/security/nss/cmd/p7verify/p7verify.c 8 Aug 2008 23:47:57 -0000 1.10
|
||||||
|
+++ ./mozilla/security/nss/cmd/p7verify/p7verify.c 2 Mar 2010 18:29:48 -0000
|
||||||
|
@@ -126,7 +126,7 @@ DigestFile(unsigned char *digest, unsign
|
||||||
|
|
||||||
|
|
||||||
|
static void
|
||||||
|
-Usage(char *progName)
|
||||||
|
+Usage(const char *progName)
|
||||||
|
{
|
||||||
|
fprintf(stderr,
|
||||||
|
"Usage: %s -c content -s signature [-d dbdir] [-u certusage]\n",
|
||||||
|
@@ -209,6 +209,14 @@ HashDecodeAndVerify(FILE *out, FILE *con
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
+static void
|
||||||
|
+PrintMsgAndExit(const char *progName, char opt)
|
||||||
|
+{
|
||||||
|
+ fprintf(stderr, "%s: option -%c requires argument\n", progName, opt);
|
||||||
|
+ Usage(progName);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+#define REQUIRE_ARG(opt,arg) if (!(arg)) PrintMsgAndExit(progName, opt)
|
||||||
|
|
||||||
|
int
|
||||||
|
main(int argc, char **argv)
|
||||||
|
@@ -239,6 +247,7 @@ main(int argc, char **argv)
|
||||||
|
break;
|
||||||
|
|
||||||
|
case 'c':
|
||||||
|
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||||
|
contentFile = fopen(optstate->value, "r");
|
||||||
|
if (!contentFile) {
|
||||||
|
fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
|
||||||
|
@@ -248,10 +257,12 @@ main(int argc, char **argv)
|
||||||
|
break;
|
||||||
|
|
||||||
|
case 'd':
|
||||||
|
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||||
|
SECU_ConfigDirectory(optstate->value);
|
||||||
|
break;
|
||||||
|
|
||||||
|
case 'o':
|
||||||
|
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||||
|
outFile = fopen(optstate->value, "w");
|
||||||
|
if (!outFile) {
|
||||||
|
fprintf(stderr, "%s: unable to open \"%s\" for writing\n",
|
||||||
|
@@ -261,6 +272,7 @@ main(int argc, char **argv)
|
||||||
|
break;
|
||||||
|
|
||||||
|
case 's':
|
||||||
|
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||||
|
signatureFile = PR_Open(optstate->value, PR_RDONLY, 0);
|
||||||
|
if (!signatureFile) {
|
||||||
|
fprintf(stderr, "%s: unable to open \"%s\" for reading\n",
|
||||||
|
@@ -271,7 +283,7 @@ main(int argc, char **argv)
|
||||||
|
|
||||||
|
case 'u': {
|
||||||
|
int usageType;
|
||||||
|
-
|
||||||
|
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||||
|
usageType = atoi (strdup(optstate->value));
|
||||||
|
if (usageType < certUsageSSLClient || usageType > certUsageAnyCA)
|
||||||
|
return -1;
|
||||||
|
Index: ./mozilla/security/nss/cmd/strsclnt/strsclnt.c
|
||||||
|
===================================================================
|
||||||
|
RCS file: /cvsroot/mozilla/security/nss/cmd/strsclnt/strsclnt.c,v
|
||||||
|
retrieving revision 1.66
|
||||||
|
diff -u -p -r1.66 strsclnt.c
|
||||||
|
--- ./mozilla/security/nss/cmd/strsclnt/strsclnt.c 10 Feb 2010 18:07:20 -0000 1.66
|
||||||
|
+++ ./mozilla/security/nss/cmd/strsclnt/strsclnt.c 2 Mar 2010 18:29:51 -0000
|
||||||
|
@@ -1325,6 +1325,15 @@ done:
|
||||||
|
return rv;
|
||||||
|
}
|
||||||
|
|
||||||
|
+static void
|
||||||
|
+PrintMsgAndExit(const char *progName, char opt)
|
||||||
|
+{
|
||||||
|
+ fprintf(stderr, "%s: option -%c requires argument\n", progName, opt);
|
||||||
|
+ Usage(progName);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+#define REQUIRE_ARG(opt,value) if (!(value)) PrintMsgAndExit(progName, opt)
|
||||||
|
+
|
||||||
|
int
|
||||||
|
main(int argc, char **argv)
|
||||||
|
{
|
||||||
|
@@ -1364,33 +1373,57 @@ main(int argc, char **argv)
|
||||||
|
|
||||||
|
case 'B': bypassPKCS11 = PR_TRUE; break;
|
||||||
|
|
||||||
|
- case 'C': cipherString = optstate->value; break;
|
||||||
|
+ case 'C':
|
||||||
|
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||||
|
+ cipherString = optstate->value;
|
||||||
|
+ break;
|
||||||
|
|
||||||
|
case 'D': NoDelay = PR_TRUE; break;
|
||||||
|
|
||||||
|
case 'N': NoReuse = 1; break;
|
||||||
|
|
||||||
|
- case 'P': fullhs = PORT_Atoi(optstate->value); break;
|
||||||
|
+ case 'P':
|
||||||
|
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||||
|
+ fullhs = PORT_Atoi(optstate->value);
|
||||||
|
+ break;
|
||||||
|
|
||||||
|
case 'T': disableTLS = PR_TRUE; break;
|
||||||
|
|
||||||
|
case 'U': ThrottleUp = PR_TRUE; break;
|
||||||
|
|
||||||
|
- case 'a': sniHostName = PL_strdup(optstate->value); break;
|
||||||
|
+ case 'a':
|
||||||
|
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||||
|
+ sniHostName = PL_strdup(optstate->value);
|
||||||
|
+ break;
|
||||||
|
|
||||||
|
- case 'c': connections = PORT_Atoi(optstate->value); break;
|
||||||
|
+ case 'c':
|
||||||
|
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||||
|
+ connections = PORT_Atoi(optstate->value);
|
||||||
|
+ break;
|
||||||
|
|
||||||
|
- case 'd': dir = optstate->value; break;
|
||||||
|
+ case 'd':
|
||||||
|
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||||
|
+ dir = optstate->value;
|
||||||
|
+ break;
|
||||||
|
|
||||||
|
- case 'f': fileName = optstate->value; break;
|
||||||
|
+ case 'f':
|
||||||
|
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||||
|
+ fileName = optstate->value;
|
||||||
|
+ break;
|
||||||
|
|
||||||
|
case 'i': ignoreErrors = PR_TRUE; break;
|
||||||
|
|
||||||
|
- case 'n': nickName = PL_strdup(optstate->value); break;
|
||||||
|
+ case 'n':
|
||||||
|
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||||
|
+ nickName = PL_strdup(optstate->value);
|
||||||
|
+ break;
|
||||||
|
|
||||||
|
case 'o': MakeCertOK++; break;
|
||||||
|
|
||||||
|
- case 'p': port = PORT_Atoi(optstate->value); break;
|
||||||
|
+ case 'p':
|
||||||
|
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||||
|
+ port = PORT_Atoi(optstate->value);
|
||||||
|
+ break;
|
||||||
|
|
||||||
|
case 'q': QuitOnTimeout = PR_TRUE; break;
|
||||||
|
|
||||||
|
@@ -1407,11 +1440,13 @@ main(int argc, char **argv)
|
||||||
|
case 'v': verbose++; break;
|
||||||
|
|
||||||
|
case 'w':
|
||||||
|
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||||
|
pwdata.source = PW_PLAINTEXT;
|
||||||
|
pwdata.data = PL_strdup(optstate->value);
|
||||||
|
break;
|
||||||
|
|
||||||
|
case 'W':
|
||||||
|
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||||
|
pwdata.source = PW_FROMFILE;
|
||||||
|
pwdata.data = PL_strdup(optstate->value);
|
||||||
|
break;
|
||||||
|
@@ -1419,6 +1454,7 @@ main(int argc, char **argv)
|
||||||
|
case 'z': enableCompression = PR_TRUE; break;
|
||||||
|
|
||||||
|
case 0: /* positional parameter */
|
||||||
|
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||||
|
if (hostName) {
|
||||||
|
Usage(progName);
|
||||||
|
}
|
||||||
|
Index: ./mozilla/security/nss/cmd/tests/remtest.c
|
||||||
|
===================================================================
|
||||||
|
RCS file: /cvsroot/mozilla/security/nss/cmd/tests/remtest.c,v
|
||||||
|
retrieving revision 1.5
|
||||||
|
diff -u -p -r1.5 remtest.c
|
||||||
|
--- ./mozilla/security/nss/cmd/tests/remtest.c 8 Aug 2008 23:48:09 -0000 1.5
|
||||||
|
+++ ./mozilla/security/nss/cmd/tests/remtest.c 2 Mar 2010 18:29:51 -0000
|
||||||
|
@@ -69,6 +69,15 @@ Usage(char *progName)
|
||||||
|
exit(1);
|
||||||
|
}
|
||||||
|
|
||||||
|
+static void
|
||||||
|
+PrintMsgAndExit(const char *progName, char opt)
|
||||||
|
+{
|
||||||
|
+ fprintf(stderr, "%s: option -%c requires argument\n", progName, opt);
|
||||||
|
+ Usage(progName);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+#define REQUIRE_ARG(opt,value) if (!(value)) PrintMsgAndExit(progName, opt)
|
||||||
|
+
|
||||||
|
int main(int argc, char **argv)
|
||||||
|
{
|
||||||
|
char * certDir = NULL;
|
||||||
|
@@ -92,10 +101,12 @@ int main(int argc, char **argv)
|
||||||
|
switch (optstate->option) {
|
||||||
|
|
||||||
|
case 'd':
|
||||||
|
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||||
|
certDir = strdup(optstate->value);
|
||||||
|
certDir = SECU_ConfigDirectory(certDir);
|
||||||
|
break;
|
||||||
|
case 't':
|
||||||
|
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||||
|
tokenName = strdup(optstate->value);
|
||||||
|
break;
|
||||||
|
case 'r':
|
||||||
|
Index: ./mozilla/security/nss/cmd/tstclnt/tstclnt.c
|
||||||
|
===================================================================
|
||||||
|
RCS file: /cvsroot/mozilla/security/nss/cmd/tstclnt/tstclnt.c,v
|
||||||
|
retrieving revision 1.62
|
||||||
|
diff -u -p -r1.62 tstclnt.c
|
||||||
|
--- ./mozilla/security/nss/cmd/tstclnt/tstclnt.c 10 Feb 2010 18:07:21 -0000 1.62
|
||||||
|
+++ ./mozilla/security/nss/cmd/tstclnt/tstclnt.c 2 Mar 2010 18:29:51 -0000
|
||||||
|
@@ -497,6 +497,15 @@ separateReqHeader(const PRFileDesc* outF
|
||||||
|
Usage(progName); \
|
||||||
|
}
|
||||||
|
|
||||||
|
+static void
|
||||||
|
+PrintMsgAndExit(const char *progName, char opt)
|
||||||
|
+{
|
||||||
|
+ fprintf(stderr, "%s: option -%c requires argument\n", progName, opt);
|
||||||
|
+ Usage(progName);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+#define REQUIRE_ARG(opt,value) if (!(value)) PrintMsgAndExit(progName, opt)
|
||||||
|
+
|
||||||
|
int main(int argc, char **argv)
|
||||||
|
{
|
||||||
|
PRFileDesc * s;
|
||||||
|
@@ -563,38 +572,56 @@ int main(int argc, char **argv)
|
||||||
|
|
||||||
|
case 'B': bypassPKCS11 = 1; break;
|
||||||
|
|
||||||
|
- case 'S': skipProtoHeader = PR_TRUE; break;
|
||||||
|
+ case 'S': skipProtoHeader = PR_TRUE; break;
|
||||||
|
|
||||||
|
case 'T': disableTLS = 1; break;
|
||||||
|
|
||||||
|
- case 'a': if (!hs1SniHostName) {
|
||||||
|
- hs1SniHostName = PORT_Strdup(optstate->value);
|
||||||
|
- } else if (!hs2SniHostName) {
|
||||||
|
- hs2SniHostName = PORT_Strdup(optstate->value);
|
||||||
|
- } else {
|
||||||
|
- Usage(progName);
|
||||||
|
- }
|
||||||
|
- break;
|
||||||
|
-
|
||||||
|
- case 'c': cipherString = PORT_Strdup(optstate->value); break;
|
||||||
|
-
|
||||||
|
- case 'd': certDir = PORT_Strdup(optstate->value); break;
|
||||||
|
+ case 'a':
|
||||||
|
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||||
|
+ if (!hs1SniHostName) {
|
||||||
|
+ hs1SniHostName = PORT_Strdup(optstate->value);
|
||||||
|
+ } else if (!hs2SniHostName) {
|
||||||
|
+ hs2SniHostName = PORT_Strdup(optstate->value);
|
||||||
|
+ } else {
|
||||||
|
+ Usage(progName);
|
||||||
|
+ }
|
||||||
|
+ break;
|
||||||
|
+
|
||||||
|
+ case 'c':
|
||||||
|
+ REQUIRE_ARG(optstate->option,optstate->value);
|
||||||
|
+ cipherString = PORT_Strdup(optstate->value);
|
||||||
|
+ break;
|
||||||
|
+
|
||||||
|
+ case 'd':
|
||||||
|
+ REQUIRE_ARG(optstate->option,optstate->value);
|
||||||
|
+ certDir = PORT_Strdup(optstate->value);
|
||||||
|
+ break;
|
||||||
|
|
||||||
|
case 'f': clientSpeaksFirst = PR_TRUE; break;
|
||||||
|
|
||||||
|
- case 'h': host = PORT_Strdup(optstate->value); break;
|
||||||
|
+ case 'h':
|
||||||
|
+ REQUIRE_ARG(optstate->option,optstate->value);
|
||||||
|
+ host = PORT_Strdup(optstate->value);
|
||||||
|
+ break;
|
||||||
|
|
||||||
|
case 'm':
|
||||||
|
+ REQUIRE_ARG(optstate->option,optstate->value);
|
||||||
|
multiplier = atoi(optstate->value);
|
||||||
|
if (multiplier < 0)
|
||||||
|
multiplier = 0;
|
||||||
|
break;
|
||||||
|
|
||||||
|
- case 'n': nickname = PORT_Strdup(optstate->value); break;
|
||||||
|
+ case 'n':
|
||||||
|
+ REQUIRE_ARG(optstate->option,optstate->value);
|
||||||
|
+ nickname = PORT_Strdup(optstate->value);
|
||||||
|
+ break;
|
||||||
|
|
||||||
|
case 'o': override = 1; break;
|
||||||
|
|
||||||
|
- case 'p': portno = (PRUint16)atoi(optstate->value); break;
|
||||||
|
+ case 'p':
|
||||||
|
+ REQUIRE_ARG(optstate->option,optstate->value);
|
||||||
|
+ portno = (PRUint16)atoi(optstate->value);
|
||||||
|
+ break;
|
||||||
|
|
||||||
|
case 'q': pingServerFirst = PR_TRUE; break;
|
||||||
|
|
||||||
|
@@ -604,17 +631,22 @@ int main(int argc, char **argv)
|
||||||
|
|
||||||
|
case 'v': verbose++; break;
|
||||||
|
|
||||||
|
- case 'r': renegotiationsToDo = atoi(optstate->value); break;
|
||||||
|
-
|
||||||
|
- case 'w':
|
||||||
|
- pwdata.source = PW_PLAINTEXT;
|
||||||
|
- pwdata.data = PORT_Strdup(optstate->value);
|
||||||
|
- break;
|
||||||
|
-
|
||||||
|
- case 'W':
|
||||||
|
- pwdata.source = PW_FROMFILE;
|
||||||
|
- pwdata.data = PORT_Strdup(optstate->value);
|
||||||
|
- break;
|
||||||
|
+ case 'r':
|
||||||
|
+ REQUIRE_ARG(optstate->option,optstate->value);
|
||||||
|
+ renegotiationsToDo = atoi(optstate->value);
|
||||||
|
+ break;
|
||||||
|
+
|
||||||
|
+ case 'w':
|
||||||
|
+ REQUIRE_ARG(optstate->option,optstate->value);
|
||||||
|
+ pwdata.source = PW_PLAINTEXT;
|
||||||
|
+ pwdata.data = PORT_Strdup(optstate->value);
|
||||||
|
+ break;
|
||||||
|
+
|
||||||
|
+ case 'W':
|
||||||
|
+ REQUIRE_ARG(optstate->option,optstate->value);
|
||||||
|
+ pwdata.source = PW_FROMFILE;
|
||||||
|
+ pwdata.data = PORT_Strdup(optstate->value);
|
||||||
|
+ break;
|
||||||
|
|
||||||
|
case 'x': useExportPolicy = 1; break;
|
||||||
|
|
||||||
|
Index: ./mozilla/security/nss/cmd/vfychain/vfychain.c
|
||||||
|
===================================================================
|
||||||
|
RCS file: /cvsroot/mozilla/security/nss/cmd/vfychain/vfychain.c,v
|
||||||
|
retrieving revision 1.30
|
||||||
|
diff -u -p -r1.30 vfychain.c
|
||||||
|
--- ./mozilla/security/nss/cmd/vfychain/vfychain.c 1 Apr 2009 20:41:29 -0000 1.30
|
||||||
|
+++ ./mozilla/security/nss/cmd/vfychain/vfychain.c 2 Mar 2010 18:29:52 -0000
|
||||||
|
@@ -432,6 +432,15 @@ isOCSPEnabled()
|
||||||
|
return PR_FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
|
+static void
|
||||||
|
+PrintMsgAndExit(const char *progName, char opt)
|
||||||
|
+{
|
||||||
|
+ fprintf(stderr, "%s: option -%c requires argument\n", progName, opt);
|
||||||
|
+ Usage(progName);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+#define REQUIRE_ARG(opt,value) if (!(value)) PrintMsgAndExit(progName, opt)
|
||||||
|
+
|
||||||
|
int
|
||||||
|
main(int argc, char *argv[], char *envp[])
|
||||||
|
{
|
||||||
|
@@ -469,12 +478,19 @@ main(int argc, char *argv[], char *envp[
|
||||||
|
switch(optstate->option) {
|
||||||
|
case 0 : /* positional parameter */ goto breakout;
|
||||||
|
case 'a' : isAscii = PR_TRUE; break;
|
||||||
|
- case 'b' : secStatus = DER_AsciiToTime(&time, optstate->value);
|
||||||
|
- if (secStatus != SECSuccess) Usage(progName); break;
|
||||||
|
- case 'd' : certDir = PL_strdup(optstate->value); break;
|
||||||
|
+ case 'b' :
|
||||||
|
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||||
|
+ secStatus = DER_AsciiToTime(&time, optstate->value);
|
||||||
|
+ if (secStatus != SECSuccess) Usage(progName);
|
||||||
|
+ break;
|
||||||
|
+ case 'd' :
|
||||||
|
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||||
|
+ certDir = PL_strdup(optstate->value);
|
||||||
|
+ break;
|
||||||
|
case 'e' : ocsp_fetchingFailureIsAFailure = PR_FALSE; break;
|
||||||
|
case 'f' : certFetching = PR_TRUE; break;
|
||||||
|
case 'g' :
|
||||||
|
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||||
|
if (revMethodsData[revDataIndex].testTypeStr ||
|
||||||
|
revMethodsData[revDataIndex].methodTypeStr) {
|
||||||
|
revDataIndex += 1;
|
||||||
|
@@ -489,11 +505,13 @@ main(int argc, char *argv[], char *envp[
|
||||||
|
revMethodsData[revDataIndex].
|
||||||
|
testTypeStr = PL_strdup(optstate->value); break;
|
||||||
|
case 'h' :
|
||||||
|
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||||
|
revMethodsData[revDataIndex].
|
||||||
|
testFlagsStr = PL_strdup(optstate->value);break;
|
||||||
|
case 'i' : vfyCounts = PORT_Atoi(optstate->value); break;
|
||||||
|
break;
|
||||||
|
case 'm' :
|
||||||
|
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||||
|
if (revMethodsData[revDataIndex].methodTypeStr) {
|
||||||
|
revDataIndex += 1;
|
||||||
|
if (revDataIndex == REV_METHOD_INDEX_MAX) {
|
||||||
|
@@ -506,24 +524,33 @@ main(int argc, char *argv[], char *envp[
|
||||||
|
useDefaultRevFlags = PR_FALSE;
|
||||||
|
revMethodsData[revDataIndex].
|
||||||
|
methodTypeStr = PL_strdup(optstate->value); break;
|
||||||
|
- case 'o' : oidStr = PL_strdup(optstate->value); break;
|
||||||
|
+ case 'o' :
|
||||||
|
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||||
|
+ oidStr = PL_strdup(optstate->value);
|
||||||
|
+ break;
|
||||||
|
case 'p' : usePkix += 1; break;
|
||||||
|
case 'r' : isAscii = PR_FALSE; break;
|
||||||
|
case 's' :
|
||||||
|
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||||
|
revMethodsData[revDataIndex].
|
||||||
|
- methodFlagsStr = PL_strdup(optstate->value); break;
|
||||||
|
+ methodFlagsStr = PL_strdup(optstate->value);
|
||||||
|
+ break;
|
||||||
|
case 't' : trusted = PR_TRUE; break;
|
||||||
|
- case 'u' : usage = PORT_Atoi(optstate->value);
|
||||||
|
+ case 'u' :
|
||||||
|
+ REQUIRE_ARG(optstate->option,optstate->value);
|
||||||
|
+ usage = PORT_Atoi(optstate->value);
|
||||||
|
if (usage < 0 || usage > 62) Usage(progName);
|
||||||
|
certUsage = ((SECCertificateUsage)1) << usage;
|
||||||
|
if (certUsage > certificateUsageHighest) Usage(progName);
|
||||||
|
break;
|
||||||
|
case 'w':
|
||||||
|
+ REQUIRE_ARG(optstate->option,optstate->value);
|
||||||
|
pwdata.source = PW_PLAINTEXT;
|
||||||
|
pwdata.data = PORT_Strdup(optstate->value);
|
||||||
|
break;
|
||||||
|
|
||||||
|
case 'W':
|
||||||
|
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||||
|
pwdata.source = PW_FROMFILE;
|
||||||
|
pwdata.data = PORT_Strdup(optstate->value);
|
||||||
|
break;
|
||||||
|
Index: ./mozilla/security/nss/cmd/vfyserv/vfyserv.c
|
||||||
|
===================================================================
|
||||||
|
RCS file: /cvsroot/mozilla/security/nss/cmd/vfyserv/vfyserv.c,v
|
||||||
|
retrieving revision 1.17
|
||||||
|
diff -u -p -r1.17 vfyserv.c
|
||||||
|
--- ./mozilla/security/nss/cmd/vfyserv/vfyserv.c 8 Aug 2008 23:48:12 -0000 1.17
|
||||||
|
+++ ./mozilla/security/nss/cmd/vfyserv/vfyserv.c 2 Mar 2010 18:29:52 -0000
|
||||||
|
@@ -419,6 +419,15 @@ client_main(unsigned short port,
|
||||||
|
Usage(progName); \
|
||||||
|
}
|
||||||
|
|
||||||
|
+static void
|
||||||
|
+PrintMsgAndExit(const char *progName, char opt)
|
||||||
|
+{
|
||||||
|
+ fprintf(stderr, "%s: option -%c requires argument\n", progName, opt);
|
||||||
|
+ Usage(progName);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+#define REQUIRE_ARG(opt,value) if (!(value)) PrintMsgAndExit(progName, opt)
|
||||||
|
+
|
||||||
|
int
|
||||||
|
main(int argc, char **argv)
|
||||||
|
{
|
||||||
|
@@ -442,23 +451,43 @@ main(int argc, char **argv)
|
||||||
|
optstate = PL_CreateOptState(argc, argv, "C:cd:f:l:n:p:ot:w:");
|
||||||
|
while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
|
||||||
|
switch(optstate->option) {
|
||||||
|
- case 'C' : cipherString = PL_strdup(optstate->value); break;
|
||||||
|
- case 'c' : dumpChain = PR_TRUE; break;
|
||||||
|
- case 'd' : certDir = PL_strdup(optstate->value); break;
|
||||||
|
- case 'l' : respUrl = PL_strdup(optstate->value); break;
|
||||||
|
- case 'p' : port = PORT_Atoi(optstate->value); break;
|
||||||
|
- case 'o' : doOcspCheck = PR_TRUE; break;
|
||||||
|
- case 't' : respCertName = PL_strdup(optstate->value); break;
|
||||||
|
- case 'w':
|
||||||
|
+ case 'C' :
|
||||||
|
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||||
|
+ cipherString = PL_strdup(optstate->value);
|
||||||
|
+ break;
|
||||||
|
+ case 'c' : dumpChain = PR_TRUE;
|
||||||
|
+ break;
|
||||||
|
+ case 'd' :
|
||||||
|
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||||
|
+ certDir = PL_strdup(optstate->value);
|
||||||
|
+ break;
|
||||||
|
+ case 'l' :
|
||||||
|
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||||
|
+ respUrl = PL_strdup(optstate->value);
|
||||||
|
+ break;
|
||||||
|
+ case 'p' :
|
||||||
|
+ REQUIRE_ARG(optstate->option,optstate->value);
|
||||||
|
+ port = PORT_Atoi(optstate->value);
|
||||||
|
+ break;
|
||||||
|
+ case 'o' : doOcspCheck = PR_TRUE;
|
||||||
|
+ break;
|
||||||
|
+ case 't' :
|
||||||
|
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||||
|
+ respCertName = PL_strdup(optstate->value);
|
||||||
|
+ break;
|
||||||
|
+ case 'w' :
|
||||||
|
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||||
|
pwdata.source = PW_PLAINTEXT;
|
||||||
|
pwdata.data = PORT_Strdup(optstate->value);
|
||||||
|
break;
|
||||||
|
-
|
||||||
|
case 'f':
|
||||||
|
+ REQUIRE_ARG(optstate->option, optstate->value);
|
||||||
|
pwdata.source = PW_FROMFILE;
|
||||||
|
pwdata.data = PORT_Strdup(optstate->value);
|
||||||
|
break;
|
||||||
|
- case '\0': hostName = PL_strdup(optstate->value); break;
|
||||||
|
+ case '\0':
|
||||||
|
+ REQUIRE_ARG(optstate->option,optstate->value);
|
||||||
|
+ hostName = PL_strdup(optstate->value); break;
|
||||||
|
default : Usage(progName);
|
||||||
|
}
|
||||||
|
}
|
Loading…
Reference in New Issue
Block a user